North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.
Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.
Cybersecurity researchers identified a suspected Iranian espionage campaign targeting aerospace, aviation and defense industries across the Middle East. Hackers targeted employees within the aviation and defense sectors with fake job offers for tech and defense-related positions.
How Identity Protection and Advanced Threat Intelligence Fortify the Top Entry Point for
Adversaries
80% of attacks involve stolen or misused credentials1
Identity-related attacks continue to increase in volume and complexity, with advertisements for access broker services up 147% in the past year.2 Adversaries...
While overall ransomware profits might remain high, many of the remaining or rebooted top-tier groups are "really struggling" with scarce talent, trauma from the Russia-Ukraine war and repeated disruptions by law enforcement, say researchers from threat intelligence firm RedSense.
The novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. In this latest distribution method, the attackers send spam emails that deliver deceptive URL files that circumvent the SmartScreen banner warning.
In times of conflict, such as the Israel-Hamas war, intelligence becomes even more important than it is in peacetime. Red Curry, chief marketing officer at Tautuk, and his brother, Sam Curry, CISO at Zscaler, discuss the need for a combined intelligence strategy and better resilience in wartime.
Traditional SIEM falls short for CISOs due to evolving threats and data overload. The need for advanced analytics is clear to effectively identify and detect threats. Costs are a major concern, and budgets are tight. Automation is desired, especially in the triage phase, but confusing cost models for tools add...
Overwhelming data. Imposing organization silos. Lack of insight from tools and information. These are broad challenges shared by many public sector entities. Fadi Fadhil of Palo Alto Networks offers strategies to address the complexities and streamline cybersecurity operations.
No doubt, limited budgets impact the ability of public sector organizations to invest in robust cybersecurity measures. But Fadi Fadhil, CIO at Palo Alto Networks, says AI is one emerging technology these agencies can put to use to help mitigate resource constraints and a dearth of security skills.
Enterprises continue to invest in cybersecurity solutions, with spending projected to double from US$92 billion in 2022 to over US$170 billion by 2027. The 2023 Exabeam Global State of Threat Detection, Investigation, and Response (TDIR) Report, conducted with more than 1,100 senior security and IT professionals...
In the wake of an apparently weak password being harvested by information-stealing malware and used to disrupt telecommunications giant Orange Spain's internet traffic, an expert is warning all organizations to beware of copycat attacks - and to lock down their internet registry accounts.
Ukraine's security intelligence chief said Russian hackers had been responsible for severing internet access and mobile communications from telecom operator Kyivstar in December, after compromising the firm's network months ago. He said the "disastrous" cyberattack had wiped "almost everything."
The Cybersecurity and Infrastructure Security Agency announced plans to launch a two-year effort beginning in 2024 to modernize its legacy Automated Indicator Sharing program as part of an effort to enhance collaboration with the private sector and provide more actionable data to its partners.
As the attack surface continues to evolve and expand, it’s essential that organizations respond accordingly. Progressive cybersecurity programs consider attack surface management (ASM) a core component of a wider set of processes and capabilities known as continuous threat exposure management (CTEM).
Check out...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.